Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Military Uses 8-Inch Floppy Disks To Coordinate Nuclear Force Operations (cnbc.com)

Posted by BeauHD on from the outdated-infrastructure dept.

An anonymous reader writes from a report via CNBC: A new report reveals the U.S. Defense Department is still using 8-inch floppy disks in a computer system that coordinates the operational functions of the nation's nuclear forces. The Defense Department's 1970s-era IBM Series/1 Computer and long-outdated floppy disks handle functions related to intercontinental ballistic missiles, nuclear bombers and tanker support aircraft, according to the new Governmental Accountability Office report. The report shows how outdated IT systems are being used to handle important functions related to the nation's taxpayers, federal prisoners and military veterans, as well as to the America's nuclear umbrella. "Federal legacy IT systems are becoming increasingly obsolete: Many use outdated software languages and hardware parts that are unsupported," the report found. "Agencies reported using several systems that have components that are, in some cases, at least 50 years old." From the report: "GAO pointed out that aging systems include the Treasury Department's 'individual master file,' which is the authoritative data source for individual taxpayers. It's used to assess taxes and generates refunds. That file 'is written in assembly language code -- a low-level computer code that is difficult to write and maintain -- and operates on an IBM mainframe,' the report said." The report also mentioned that several other departments, such as the departments of Treasury, Commerce, Health and Human Services and the Veterans' Administration, "reported using 1980s and 1990s Microsoft operating systems that stopped being supported by the vendor more than a decade ago."

40 of 267 comments (clear)

  1. Well... by Arkh89 · · Score: 5, Funny

    I hope they don't click the red cross... or we are all fucked...

    1. Re:Well... by um...+Lucas · · Score: 3, Informative

      Click? Red? Surely you jest, I don't think IBM machines from that era had either Mice, GUI's or color displays with which to display red...

    2. Re:Well... by fuzzyfuzzyfungus · · Score: 4, Interesting

      It was all pretty monochrome; but some surprisingly early GUIs existed. SAGE had them(with lightguns rather than mice, since it predated those by a fair bit); among various other flavors of 'it's actually pretty impressive what you can do with vacuum tubes if you have a lot of smart people and nigh-unlimited money' style tech.

    3. Re:Well... by Koen+Lefever · · Score: 2

      Don't forget Digital Research's GEM, Berkeley Softworks' GEOS and VisiCorp's Visi On.

      --
      /. refugees on Usenet: news:comp.misc
  2. Security through obscurity, that might work... by crypTeX · · Score: 4, Interesting

    We really should applaud them. Imagine how hard it will be to figure out how to write code to hack this.

    1. Re:Security through obscurity, that might work... by Geoffrey.landis · · Score: 4, Funny

      The bad news is that it's not a very secure operating system. The good news is that the hackers are having trouble figuring out how to get the 2600 baud acoustic modems to ARPAnet to download the malware...

      --
      http://www.geoffreylandis.com
    2. Re:Security through obscurity, that might work... by U2xhc2hkb3QgU3Vja3M · · Score: 2

      300 baud? Surely you mean 110.

    3. Re:Security through obscurity, that might work... by MrKaos · · Score: 2

      With 8 inch floppy disks and a 70s computer, it would have been 300 baud at best. So slow you can hear the characters.

      Only a 300 baud modem is baud and bps exchangeable.

      It probably has an acoustic coupler as well ;) and when they pick up the phone the modem tone says 'Do you want to play a game?'

      --
      My ism, it's full of beliefs.
  3. It's hopeless by realmolo · · Score: 4, Insightful

    This kind of "back-end" software is EXACTLY the kind of thing that contractors DREAM of. Nobody knows how it works, and the general public never has to see it, so they can't complain about it being a piece-of-shit that they paid for.

    It's just like the air traffic control system "upgrade" they've been working on for nearly 30 years. The contractors have ZERO incentive to ever provide a working product. Much better to keep in in development forever.

    I'm not one of those "government can't do anything right" people, but this is one of those things that is just a tailor-made pork-barrel disaster. I see why they don't want to even bother trying.

    1. Re:It's hopeless by holophrastic · · Score: 4, Insightful

      Seems like a good investment to me. Operational for fifty years, and never been hacked. Seems like your government did everything right -- oh how I wish that had continued to be true.

    2. Re:It's hopeless by ShanghaiBill · · Score: 5, Interesting

      The contractors have ZERO incentive to ever provide a working product.

      I have worked on tech projects both as a government employee and as a contractor. Most projects were disasters for the reasons you list, but I have seen a few successes. Here is a quick checklist:

      1. Do NOT use a contractor. They have a vested interest in bloat and delay.
      2. Use your own subordinates so they have skin in the game, and their future raises and promotions depend on the success of the project.
      3. Make sure they are a small team that has worked together successfully in the past on similar projects.
      4. Starve them of resources, so they have no choice but to implement a clean and simple design, with only basic functionality.
      5. Avoid hyping or even announcing the project until you have something working. If you hype it early, you will get demands for every feature, including the kitchen sink, thrown at you, and you will get politically connected contractors forced on you.

    3. Re:It's hopeless by Kjella · · Score: 3, Insightful

      1. Do NOT use a contractor. They have a vested interest in bloat and delay.
      2. Use your own subordinates so they have skin in the game, and their future raises and promotions depend on the success of the project.

      1. Depends. Small contractors have often been the ones pushing to cut through the fluff and get real specs and deliverables on the table because they know the budget is fixed, not delivering makes them look bad and if they don't it'll just fizzle like so many projects we have that are ongoing but never really materialize. "Too big to fail" projects that'll be funded next year too unless hell freezes over are different, but then you're often screwed because you really don't have the skills or resources in-house. In fact big projects almost always fail because of the next one.
      2. For the most part, that simply can't happen. There's no authority to make incentive or performance-based pay, I have my pay grade and overtime pay. As for raises, if I were to get any significantly more pay than anyone with less education, experience and tenure it'd raise hell with unions and whatnot. And it's often the same with promotions, you'll get promoted when it's your turn because if they pass up a candidate that's better on paper there's actually a formal complaint process. Same with public procurement processes, nobody's free to do what they feel is best for the bottom line.

      As for 3-5. they're generally good ideas. If you give people too much time and money to try solving every problem forever, they'll sit around making grand plans and often dismissing the reasons why the current system has become such a mess as bad design, when in reality it's a messy world out there and kludges are our way to cope.

      5. Avoid (...) even announcing the project until you have something working.

      Sadly I've found this is the easiest way to get something done, particularly if it's the type of solution that's not great but less terrible than the one we have. They say learn to walk before you run, but nobody here seems to have heard it. Every time there's a project to get on our feet, somebody must come in and crush it because it's not good enough. Which usually means we're crawling around for a few more years while they argue about their master plan to simultaneously win the 100m dash and the marathon at the Olympics.

      I'm so tired of pie-in-the-sky plans that end up a mad dash to deliver the barest minimum because somebody finally put the foot down, basically throwing away 90% of the work because there was no time to even try implementing anything remotely like it. There should be like a shot clock, if you've spent 30% of your budget start implementing and figure out where the rubber meets the road. Anything else leads to meaningless exercises like trying to estimate a solution where we haven't even decided on the principle for the solution, much less made an actual design and broken it down into work that needs doing and could reasonably be estimated.

      --
      Live today, because you never know what tomorrow brings
    4. Re:It's hopeless by F.Ultra · · Score: 2

      Yes, imagine the horror when they "upgrade" to new and shiny. At least it will web scale or something.

  4. So What? by plopez · · Score: 5, Insightful

    They've been stable for decades. I'll take master files on floppy disks and programs written by people who cared over "eventually consistent" databases developed by "just good enough" monkeys any day.

    --
    putting the 'B' in LGBTQ+
    1. Re:So What? by nuckfuts · · Score: 4, Insightful

      Yes and no. I would not advocate changing operating systems simply because they "stopped being supported by the vendor more than a decade ago". After all, if your needs have been met for decades by something like MS-DOS 6.1 or Windows 3.11, what "support" would you looking for from Microsoft today?

      Physical devices are a completely different issue, however. Floppy drives and floppy disks WILL wear out and fail. Maybe these agencies have a stockpile of spares, or maybe someone is still manufacturing 8" floppies to sell to the government for an arm and a leg, but barring that, good luck sourcing replacements for your antique computer hardware when it fails.

    2. Re:So What? by Anonymous Coward · · Score: 3, Informative

      I work on similar systems, and while we don't have stuff quite that old, the US Military absolutely knows about the obsolescence, yes those floppy drive and floppy disks do wear out. However they knew that when they built the system, when they bought the drives back then they went out and bought a 50 year supply of drives and floppies. And today the still repair the systems, and the logistics guys know roughly when they will run out of parts, and they will replace those bits when they need to. With those old systems it's very much a plan of fix and replace only what needs to be fixed and replaced, they know the failure rates and the specs don't change.

  5. So if... by dfsmith · · Score: 5, Funny

    If I notice a quantity of 8" floppies dropped around a parking lot next to an inconspicuous government building, can I assume that some sort of Stuxnet cyber attack is under way?

  6. More like by fred911 · · Score: 4, Interesting

    Security through obsolescence.

    --
    09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
    1. Re:More like by bancho · · Score: 3, Funny

      More like: Security through Antiquity :)

    2. Re:More like by pslytely+psycho · · Score: 2

      The Rosetta Stone in this case is likely a 10" thick set of punch-cards....

      --
      Donald Trump, on a crusade to make Nixon look respectable
  7. To what extent is this actually bad? by fuzzyfuzzyfungus · · Score: 3

    I'd be curious to know how many of these seriously outdated systems are egregious piles of failure; and how many are utterly contrary to any fad of the week from the last three decades; but where done right the first time and actually compare pretty favorably to the results of (the so often horribly doomed) 'upgrade' efforts.

    Some flavors of outdated are fairly clearly bad; if you can't get replacement hardware without raiding a museum or reverse engineering and cloning/emulating quirky 80s gear all by yourself, keeping your systems running is going to be unpleasant and expensive. If you have a system whose security depends on an OS or other 3rd party components that have exciting known vulnerabilities and haven't had vendor support even under a thrillingly expensive special extended contract with the vendor in a decade, you have a problem.

    If you have a legacy system that is merely retro; but well built and supported by hardware you can still get without much trouble, you will certainly get your share of snide comments about its dreadfully antique design; but you are taking a real risk in trying to modernize it. Those sorts of 'upgrades' don't always fail; but agonizing, wildly expensive, upgrade attempts that languish in development so long that the upgrade is obsolete before you've finished deploying it are hardly uncommon.

    Sure, in an ideal world, we'd all get to implement from scratch with all the benefits of hindsight and absolutely no accrued technical debt; but we don't live in an ideal world. How many of these systems are old as in broken; and how many are old as in classic?

    1. Re:To what extent is this actually bad? by fuzzyfuzzyfungus · · Score: 2

      I wouldn't necessarily take refuge in obscurity if running something important; a core IRS system or nuclear-related control systems would be the sort of targets where you'll get some fairly motivated attackers rather than just kiddies looking for soft targets. That said, it's not necessarily the case that old=insecure in a situation where you aren't dealing with software thrown together as fast as possible to secure a first mover advantage or win a feature race with competitors.

      There have been a lot of advances over the years in the average state of low cost hardware and software, and in attempting to mitigate the results of running a hodgepodge of untrusted and mostly crap software exposed to a constant stream of hostile input from the internet; but that newer-is-mostly-less-awful trend is really most notable in the cheap seats, not in comparatively simple(if only because the hardware wasn't available for anything bigger) and very expensive systems built for justifiably paranoid customers.

      I suspect that some of the now outdated 'COTS' based systems are truly horrifying: new and common enough that plenty of known vulnerabilities exist, old and dysfunctional enough that they probably aren't getting fixed; but the more unusual evolutionary dead ends, while not cheap to support, have at least a chance of being extremely good at what they do.

    2. Re:To what extent is this actually bad? by SvnLyrBrto · · Score: 2

      Retro becomes a problem because it becomes excessively expensive, or even impossible, to maintain.

      Consider just those 8" floppy disks. For starters, they're not exactly durable. And barring clumsiness, the oxide coating used for data storage continues to oxidize over time since they're not airtight. So every one of them is slowly going bad and needs to be periodically replaced. Vintage disks in a warehouse would also be exposed to oxygen and slowly going bad. So somewhere there's a production line running, still turning out 8" floppy drives. There's a certain minimum cost to keep any production line running. And how many customers besides the DoD do you suppose that vendor has? So those are some epically expensive 8" floppy disks.

      The production line to make those 8" floppies needs maintenance and, critically, spare parts when something breaks. These are unlikely to be industry-standard machine parts... how many 8" floppy fabs still exist? So any replacement parts to the production line would need to be a custom job from a machine shop, at obscene pricing. (Skilled machinists are becoming more and more rare in the US and custom work demands a large premium.) And since the Air Force probably doesn't a steady supply of these floppies, and there are unlikely to be many, if any, other buyers, the production line probably starts and stops every so often to produce batches around replacement time. Starting or stopping a production line is a large expensive process itself; sometimes more expensive even than leaving it running at low volume for extended times. And what happens if, at the next contract renewal, the vendor decides it just doesn't want to be in the 8" floppy business anymore? What happens if the vendor goes out of business

      And that's just one component of the "retro but still functional" design. Pretty much any and every replacement part is likely to be a custom job at this point. And, for obvious reasons, that production isn't something you can just job out to China.

      --
      Imagine all the people...
  8. Security by Obscurity by The+New+Guy+2.0 · · Score: 2

    The government doesn't want anything in general release in these situations. A large old floppy isn't readable or writable by the average Windows computer. This creates "security by obscurity" that makes it harder for a non-authorized command to be run. We don't want some kid playing Thermo-Nuclear War.

  9. Only if you are narrow minded by s.petry · · Score: 2

    The military using special technology is a good thing from a security perspective. It is not supposed to run on Commodity hardware and software, because if anyone can work on it everyone potentially has access.

    Stop playing the narrow minded "cheap is good" game and consider other reasoning. Longevity is a good thing, not a bad thing. Specialized knowledge in security is a good thing, not a bad thing. It's only government waste because you are only considering a very minor aspect.

    By the way, if they were using "new tech" it would not last for half a damn century. It would have been stuffed in the trash every couple years, like we do with the majority of our servers today who have an average lifespan of less than a year before the first malfunction causing a hard stop.

    --

    -The wise argue that there are few absolutes, the fool argues that there are no probabilities.

    1. Re:Only if you are narrow minded by tnk1 · · Score: 2

      Your sarcasm is misplaced and missing the point. Nowhere did I suggest that a commodity rule was required for this. There is a middle ground.

      As for independent systems, you know that the military uses things like Windows, right? On warships. And for passing classified messages. It's not Windows 10, but it's not like we have to handcraft our operating systems.

      You think that the code written in assembler stored on 8-inch floppies makes something secure? You'll be lucky if there is any security features on it at all. The reason it is secure isn't that it is secured by obscurity, it's because it is secured behind (mostly physical) measures that work to protect the entire US nuclear weapons control system. If Iran guarded their air-gapped Windows based control systems for their centrifuges as well as we guard our nuclear weapons, we wouldn't have been able to get a USB drive or 3.5 inch floppy into their machines either.

      If the Government uses 1970s tech they can train new people to support it. Just like they have done for nearly 50 years. It's not like when Joe retires he takes all of his worldly knowledge with him. Good grief, it that were true then long ago someone died and that explains why nobody can ever balance a checkbook again!

      Actually... balancing a checkbook may be on its way out in a generation or two. Who actually uses one any more? But aside from that, I should point out that the difference between nuclear weapons control systems and balancing checkbooks is that the skill set behind checkbooks is simple math and it used to have universal adoption, the other not so much. And humans certainly can lose skills through the passage of time and neglect if it isn't something with a ready source of reinforcement.

      More to the point, I'm less concerned about those operating these systems, as they were built to be run by 18 year olds. I'm more concerned with what happens when they break, or we actually need a new *feature*.

      You assume we can train someone because we seem to have before, but that's a huge assumption. Where are the schools that are teaching this? Sure, the Air Force can teach operators, but this is written in Assembler. Here's what the report actually said:

      " For example, one agency (SSA) reported re-hiring retired employees to maintain its COBOL systems."

      COBOL was a widely used language at one point. No one is learning it now. One guy I know who has used it went to a job fair and no one at it who knew COBOL was under 50 years old. Do you think that someone who knows how to code for the specialized hardware for the nuclear control systems is going to be even that easy to find?

      They're not re-training... they're using the already trained people until they die. There are no replacements.

      The answer is actually going to be that when it does break or a new feature needs to be had, they won't find these people to train. They will spend time and effort of building it from scratch all over again. In a new language. With parts that have actually been in a full production run in the last decade. And they fail, fail, fail until they get it right again, and the government promptly neglects it for another 40 years. And the failure only builds up every year that they hold out.

      So, sure, don't install the latest version of Windows or buy your components off Amazon, but there has to be a better way than what they're doing.

  10. Re:So it's air gapped. That's good, right? by thinkwaitfast · · Score: 5, Insightful

    There's probably more rationale here than many realize.

    I'd doubt it. More like,

    If it ain't broke, don't fix it.

  11. The Russians must be laughing... by bogaboga · · Score: 2

    It amazes me that our so called analysts then laugh at Russia for what they sometimes called its "rustbucket military hardware."

    That was until [in Syria], it delivered a shock to us us in the west, with its successive wins on the battlefield, despite having less hardware compared to the west's.

  12. 8" floppy disks are reliable as fuck! by blind+biker · · Score: 2

    I worked at a bank that had several mainframes IPL-ing from 8" floppies - I left the bank at the end of the 90's - at that point, the system has been operational for more than a decade. As far as I know, not a single floppy has ever failed during the years I've been there, or before my tenure.

    --
    "The agriculture ministry is not in charge of Gundam" - Japanese ministry official.
    1. Re:8" floppy disks are reliable as fuck! by serviscope_minor · · Score: 2

      Not surprising that the quality went down. I do remember when I was starting off, floppies were reliable. I don't think I actually remember one failing on me, but they were pretty pricey. By the end, they'd been caught in an aggressive price war and so of course the quality was in the pan. It got to the stage where you couldn't even necessarily transfer a file once off on one without it crapping out.

      It's not a "things were better then", it's that a race to the bottom price wise produces junk. Of course if I'd kept on buying expensive 3M ones, I'd probably not be saying this...

      --
      SJW n. One who posts facts.
  13. Re:My watch has more computing power by citylivin · · Score: 2

    but can it end civilization?

    --
    As a potential lottery winner, I totally support tax cuts for the wealthy
  14. It ain't broke, is it? by WheezyJoe · · Score: 5, Interesting

    Sounds to me like tax-payer dollars well-spent on equipment that keeps on giving.

    Maybe your typical gamer has to upgrade every coupla years because the latest Doom doesn't run well on a 4-year old GeForce. Maybe Macy's needs to upgrade their mainframes because they have way more inventory to deal with and want to offer more sales online. And maybe we all need to upgrade off Windows XP (looking at you, banks, with your hackable ATM's) because it was a lousy, full-of-security-holes platform in the first place.

    But as Microsoft tries to force me off my perfectly workable Windows 7 for no damn reason, I wonder why a machine bought by a government department, that does the job and does it really well, needs to be upgraded or swapped out for something new that may or may not work because of something non-related to whether the damned thing does the job and does it really well. Replacing such a system is not easy, particularly when there are consultants circling overhead, hungry for a fat government contract so they can build a complete clusterfuck out of overpriced commodity hardware that does nothing approaching what the old system did. And needs to be upgraded all over again in 2-3 years.

    Yes, on the one hand, holy shit! those are old floppy drives. On the other hand, holy shit! they still work and do the job after all these years. Why have we grown so accustomed to throwing shit out every coupla years? Seems to me, government (state and federal) is one of those areas where shit oughta stay the same for a while so people can focus on getting the job done, rather than re-learning and re-tooling every few years just because some software vendor wants to sell another release of something.

    --
    Take it easy, Charlie, I've got an Angle...
  15. Re:WOPR? by bobbied · · Score: 2

    WOPR or really the idea behind it is EXACTLY why we use 1950's technology still in our nuclear silos.

    Think about it. If you own an operational nuclear tipped missile, your primary concern is that it is only going to detonate when and where YOU want it too. Also figure that you realize that this thing is going to be sitting for decades, hopefully with a minimum of mess and fuss over things like maintenance and refurbishment. It may sit there for multiple decades, but it HAS to work when you push the button under adverse operating conditions. This means you need a really robust system that's easy to take care of.

    ALL of these requirements mean you will choose the most simple design that fulfills your needs. The one with the least parts, especially those parts that move, and once you have a proven design, you are going to be loathed to change it just because it's out dated. Once it works and proven there will be NO changes without some seriously good reasons. Newer is not always better. You don't mess with a design that works, just because it's old.

    Couple this with the fact that the government is where the obsolete is always in style and it's never simple (nor cheap) to change anything and you can see why stuff like this takes on a life of its own. Why change it? It works and we don't need anything else that's better.

    One more thing that comes to mind.. Nuclear weapon development is subject to international treaty oblations. I don't pretend to know all the details, but I'm fairly sure that we cannot just go out and replace our current crop of nuclear missiles w/o having issues with some treaties.... Not that Putin could do much about it if we unilaterally decided to do something, but he'd sure be crying foul and loudly if we did.. Not to mention the political fall out from that...

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  16. And here's the full GAO report by Guy+Harris · · Score: 4, Informative

    Here's the actual Government Accounting Office report, if you want to read it instead of a Slashdot story about a news story about the report.

  17. Re:So it's air gapped. That's good, right? by tnk1 · · Score: 3, Interesting

    That's the major problem though. It's not that it is a bad thing, precisely, to have a system that works for 50 years. The problem is that logistics and support is horrendously complicated.

    Probably the only way that this is still even partially maintainable is because the government is single-handedly propping up production of 8-inch floppies, which probably now cost something like $20,000 a piece. Not only because they are low production runs, but because on top that, they probably have to be built to a particular government standard that no one has updated since 1970 to make them able to be trusted for controlling nuclear weapons while also being handled by barely trained 18 year olds.

  18. The Brooklyn Bridge is 150 years old. by Brannon · · Score: 2

    nt

  19. Re:Wasn't this on 60 Minutes? by PPH · · Score: 3, Funny

    Yes. But the story was forwarded to Slashdot via UUCP/dialup with a 12 hop bang path. So we only just got it.

    --
    Have gnu, will travel.
  20. Re: So it's air gapped. That's good, right? by Anonymous Coward · · Score: 2, Insightful

    And what exactly is wrong with that?

    New shiny stuff is much scarier...

  21. Re: So it's air gapped. That's good, right? by tnk1 · · Score: 2

    They can last awhile, but if they haven't been recently producing them, these have probably been stockpiled for 20-40 odd years. The disk media may well last that long, but the mechanical drives have a way of becoming misaligned and destroying the media over time. It's unlikely that in 40 years this has not happened at least a few times. It's one thing to pop a disk in that you've only intermittently used into a drive after 30 years, another entirely to have it either being in that drive all the time, or being inserted and removed repeatedly. You're going to have failures and they're going to need to be replaced every so often. Perhaps they have a large enough stockpile of them, but it would make me pretty nervous to have to rely on them lasting.

    But, let's face it, its the government itself who did the study and wants to replace them. They have done the work to determine why they can't be using these forever. I don't even really need to speculate.

  22. Trused code and OS by RY · · Score: 2

    The programs written for the weapons are the only item run on the computers for a reason. The code is trusted and audited which is way more important than new and flashy. Changing or updating the underlying OS or code requires a new audit and verification.

    The calculations can be done longhand for verification.

    Read the rainbow series for more info if they are still in existence.